I feel Obsidian is often incomplete without community plugins. And Developers can’t leave the security issue regarding them simply on users. (I am talking about the safemode thing) So there should be some tracker built in Obsidian which allows users to track internet activity of various components be it Community plugins or Core updater or Core plugins. I don’t doubt the developers, but I would welcome stats of core activity so that user may crosscheck with their third party net log software, just to tally.
So, I propose that there be a in-tamper-able activity log, which records every internet activity which Obsidian and the plugins do.
for example Record these data points:
Which component connected to internet?
At what time?
what amount of data it downloaded and uploaded?
if possible, what nature of data it downloaded or uploaded?
note: component means the core updater or plugin etc
This is a great first step towards security. Security is not only a matter of trusting developers. It’s also a matter of closing vulnerabilities. Even if developers are ethical, bad actors can still exploit loopholes to wreak havoc.
Also, it could be helpful to have an optional system to submit these logs to be analyzed by someone or something that can understand the nitty gritty because there is a chance that it would act differently on different systems.
I really like the idea of logs for our Obsidian sessions in an of themselves for keeping track of vault action.